Malware And CampaignsCampaign

SparkCat malware in Apple and Google app stores scans photos for crypto recovery phrases

April 3, 2026The Hacker News

The Hacker News reports SparkCat reappearing in mobile app stores and using OCR to extract crypto recovery phrases from users photos, then exfiltrating them to attackers.

Open in PulseSee the full expert discussion →

QUOTES

SparkCat malware has reappeared on Apple and Google app stores, hiding inside everyday apps.

It scans photos for crypto recovery phrases and sends them to attackers, using OCR to extract sensitive data from images.

VOICES

The Hacker News

RELATED TERMS

malwareapplegooglegoogleapplemalware

OTHER FINDINGS IN MALWARE AND CAMPAIGNS

Axios npm package compromise, WAVESHAPER.V2 cross platform RAT Handala Hack Telegram threat claiming imminent Lockheed Martin data leak Telnyx PyPI compromise (TeamPCP) shipping malware in telnyx 4.87.1/4.87.2

AMYGDALA PULSE

See what experts are saying right now

This finding is one of many signals tracked across Cyber Security. The live feed updates every few hours with new expert voices, debates, and emerging ideas.

Open Cyber Security Pulse Browse all topics

← Back to Cyber Security